login.healthdata.org

Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1

About this certificate

This digital certificate with serial number 0a:38:f8:8a:10:a8:87:80:69:54:81:a4:f2:2e:37:1c was issued on by DigiCert, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=login.healthdata.org

DigiCert, Inc.

Organization: DigiCert, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:38:f8:8a:10:a8:87:80:69:54:81:a4:f2:2e:37:1c
Serial Number (int): 13588089558150741242064546679961302812
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: b7:98:c7:70:d5:88:70:dc:44:b3:af:d2:16:60:7b:25:0f:b5:d3:7b
AuthorityKeyId: a5:b4:d6:eb:36:c4:e7:6b:a6:df:c4:64:0b:01:2a:20:04:b8:66:23

Fingerprint (sha1): be:6d:cd:fa:fe:9a:da:3a:85:23:7a:fc:3b:a7:3e:7a:55:9d:51:7c
Fingerprint (sha256): c8:f5:56:2a:13:ce:03:6c:48:33:56:4e:f1:5c:d8:da:43:18:8c:8a:43:e1:c3:10:19:f6:a8:92:4a:32:ad:50

Issuing Certificate URL: http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl
CRL Distribution Point: http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl

Check the revocation status for certificate login.healthdata.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for login.healthdata.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

login.healthdata.org

Other certificates including the domain name healthdata.org

(limited to 100 certificates)
dev.healthdata.org
*.stage.ghdx.healthdata.org
ssl441041.cloudflaressl.com
login.healthdata.org
ssl441041.cloudflaressl.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
ssl441041.cloudflaressl.com
sni.cloudflaressl.com
ssl441042.cloudflaressl.com
ssl4831.cloudflare.com
sni.cloudflaressl.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
healthdata.org
healthdata.org
s3.healthdata.org
learn.healthdata.org
ssl319586.cloudflaressl.com
learn.healthdata.org
learn.healthdata.org
dl.healthdata.org
ssl441041.cloudflaressl.com
learn.healthdata.org
console.dl.healthdata.org
healthdata.org
ssl441041.cloudflaressl.com
ssl319586.cloudflaressl.com
healthdata.org
sni.cloudflaressl.com
ssl4831.cloudflare.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
dl.healthdata.org
console.dl.healthdata.org
sni.cloudflaressl.com
ssl441042.cloudflaressl.com
dev.healthdata.org
learn.healthdata.org
healthdata.org
healthdata.org
learn.healthdata.org
sni.cloudflaressl.com
ssl441042.cloudflaressl.com
learn.healthdata.org
healthdata.org
ssl441040.cloudflaressl.com
login.healthdata.org
*.stage.ghdx.healthdata.org
ssl441040.cloudflaressl.com
ssl441041.cloudflaressl.com
healthdata.org
www.healthdata.org
*.stage.ghdx.healthdata.org
console.dl.healthdata.org
learn.healthdata.org
console.dl.healthdata.org
healthdata.org
healthdata.org
console.dl.healthdata.org
dl.healthdata.org
console.dl.healthdata.org
healthdata.org
login.healthdata.org
console.dl.healthdata.org
console.dl.healthdata.org
healthdata.org
sni.cloudflaressl.com
dl.healthdata.org
ssl441042.cloudflaressl.com
healthdata.org
healthdata.org
ssl441042.cloudflaressl.com
www.healthdata.org
healthdata.org
ssl441040.cloudflaressl.com
learn.healthdata.org
ssl441040.cloudflaressl.com
console.dl.healthdata.org
ssl4831.cloudflare.com
sni.cloudflaressl.com
console.dl.healthdata.org
healthdata.org
login.healthdata.org
learn.healthdata.org
ssl441042.cloudflaressl.com
*.stage.ghdx.healthdata.org
ssl441040.cloudflaressl.com
ssl441042.cloudflaressl.com
healthdata.org
login.healthdata.org
learn.healthdata.org
ssl441041.cloudflaressl.com
ssl441041.cloudflaressl.com
ssl4831.cloudflare.com
ssl441041.cloudflaressl.com
ssl441042.cloudflaressl.com
ssl441040.cloudflaressl.com
learn.healthdata.org
sni.cloudflaressl.com

Certificate

The complete raw certificate details for login.healthdata.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHlDCCBXygAwIBAgIQCjj4ihCoh4BpVIGk8i43HDANBgkqhkiG9w0BAQsFADBc
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNDAyBgNVBAMT
K0dlb1RydXN0IEdsb2JhbCBUTFMgUlNBNDA5NiBTSEEyNTYgMjAyMiBDQTEwHhcN
MjMwNjA5MDAwMDAwWhcNMjMxMjA5MjM1OTU5WjAfMR0wGwYDVQQDExRsb2dpbi5o
ZWFsdGhkYXRhLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN3W
qU+2yfsorRvdP6QqYZB82RqaYJOeYCOvcHazEqfXKbqfVa5P/FHZ/wlEDm6j0UeR
Gh89jZ9PSGDe4Lc6Q3YPnsfp34DP7bJvSi9+1fdwGc3Z7ObzlkFf5gBKQFwfuUNq
ws1DqGU1MGhW1sAxSx1YGC6QXQwayh6O4kNKrK/aOIQpKxSfbnwygBjd1uErpu/+
Xl4H2ZgIEeWO87wlbQhNT4ngFtlaowhBBtkGI2zV/HT+PDlx4+Y/qDXyVb42h6+j
pn3huwYYuIeBlWb3omVEVG1vA+BSngfb1dMZkSUVpqep61pgMV0TraZwD3To38i/
pl5T5zm0Aw6wu6vRyQ0CAwEAAaOCA40wggOJMB8GA1UdIwQYMBaAFKW01us2xOdr
pt/EZAsBKiAEuGYjMB0GA1UdDgQWBBS3mMdw1Yhw3ESzr9IWYHslD7XTezAfBgNV
HREEGDAWghRsb2dpbi5oZWFsdGhkYXRhLm9yZzAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGfBgNVHR8EgZcwgZQwSKBGoESG
Qmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQw
OTZTSEEyNTYyMDIyQ0ExLmNybDBIoEagRIZCaHR0cDovL2NybDQuZGlnaWNlcnQu
Y29tL0dlb1RydXN0R2xvYmFsVExTUlNBNDA5NlNIQTI1NjIwMjJDQTEuY3JsMD4G
A1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGln
aWNlcnQuY29tL0NQUzCBhwYIKwYBBQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRw
Oi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRz
LmRpZ2ljZXJ0LmNvbS9HZW9UcnVzdEdsb2JhbFRMU1JTQTQwOTZTSEEyNTYyMDIy
Q0ExLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDo
PtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYigoDm/AAAEAwBHMEUC
IGfmCKaOfqkafAem24ZxbtC2JzfPhf699M1kd/SP++RxAiEA45A2e9YGJDQqxOGc
94Y5NltL7vT+aYTqWMo/JudTmtIAdgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc
8AMOeTalmgAAAYigoDnZAAAEAwBHMEUCIB2OF/itJtc4Lbq09GUXhfiHGZx58eKp
ybExCW4qZuYYAiEAkp7Vek/wVdKDM+QmpTWX3ES9qDptZktYENSiUW0CmM8AdgB6
MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYigoDlHAAAEAwBHMEUC
IHNDmE34gLA/yUI+jc/WP3Y8SpI3yQ0ARsl1YsKx4rQVAiEAvnZdzmtyfaAUtXpR
MCXfES9SEfoJ07bhGRCBGbI9xekwDQYJKoZIhvcNAQELBQADggIBAD4GRKuf1DYH
9MEgy2VFbOIsmE1lWnSDrwCbO5Mu0+i5glPBYbHFnT7TFlid1bdnvXTjvWysQmI/
OFqbylDzmK6wjhp6DDEMAN3G8j/ldwl0YrUaC70Gr4g9CzdcwatWufCzWxf1Y2rA
2ArBw4DwCoffxwW5amSwYLhciAfO1XZSBX82Vj7vPZDnwcVu7kXctOh7cALoRH50
5qYxN2c3sAC0MnZ71pS7O8mv3hplosvt1YZ6ozDzNbd7DDkgfnBG5IkGAbgKZFm5
WdHyVhLXhECNC8SYHaqzJL/T/bj6A+tpUhf9pHr7JaMzUCfL8w9yLMW9+Tj4TSf2
MRwkq46nr5FDvleeD97bUrH52mCwy6qeeLdT06nu6zBVPfxlQDotHiNT1ZLGSgVt
u3euowP/YCBnB58+oVE0kTxThon/eTuxpHLl0tdDjlSg2eD8+o8dS7Iw1fuHefc/
3hy85t5/XTrNLxyXRvc2/6/5ECiuvOf37KkwjxPIDqwHbpsrYLuivpmn5nW2FGWK
1M3wX8gaV+c8A1DVojuAGxHQSWZ6tWXkaOqLA/7OYBW0VoXAgDjASMyJCzTmPrlQ
3rZQbJ2tlh4DEfT6xMwTzE7UuNFWH+aZF5dqcCd29iqUECv3dOFg9RUFlVelKVqN
wJwjLIyI3Xf+5U/JtwLUGufNPdDJnZ1j
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dapT7bJ+yitG90/pCph
kHzZGppgk55gI69wdrMSp9cpup9Vrk/8Udn/CUQObqPRR5EaHz2Nn09IYN7gtzpD
dg+ex+nfgM/tsm9KL37V93AZzdns5vOWQV/mAEpAXB+5Q2rCzUOoZTUwaFbWwDFL
HVgYLpBdDBrKHo7iQ0qsr9o4hCkrFJ9ufDKAGN3W4Sum7/5eXgfZmAgR5Y7zvCVt
CE1PieAW2VqjCEEG2QYjbNX8dP48OXHj5j+oNfJVvjaHr6OmfeG7Bhi4h4GVZvei
ZURUbW8D4FKeB9vV0xmRJRWmp6nrWmAxXROtpnAPdOjfyL+mXlPnObQDDrC7q9HJ
DQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13588089558150741242064546679961302812
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Global TLS RSA4096 SHA256 2022 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'login.healthdata.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28004518865535574697827267284167969047998530504752525910202678569205217184101161244990131701927747038332851863186834815601036019505795264346249584097157575590368156931981263528503704393348250590545936712018766042807640125184483229964069376211005235760975886633186066695798266340930661410475727886086277246392061358391459697098360425280001993689372346398295328143167334441186555959881327879973474774283489208401968092082406035948560986990712652174997434536912655014363756677359678009487427469512692960531718421080173478493705029775813833489367667949745237884734270576933079801049369676277950999525995647166956574984461
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a5b4d6eb36c4e76ba6dfc4640b012a2004b86623
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b798c770d58870dc44b3afd216607b250fb5d37b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'login.healthdata.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/GeoTrustGlobalTLSRSA4096SHA2562022CA1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000188a0a039bf0000040300473045022067e608a68e7ea91a7c07a6db86716ed0b62737cf85febdf4cd6477f48ffbe471022100e390367bd60624342ac4e19cf78639365b4beef4fe6984ea58ca3f26e7539ad2007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000188a0a039d9000004030047304502201d8e17f8ad26d7382dbab4f4651785f887199c79f1e2a9c9b131096e2a66e618022100929ed57a4ff055d28333e426a53597dc44bda83a6d664b5810d4a2516d0298cf0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000188a0a03947000004030047304502207343984df880b03fc9423e8dcfd63f763c4a9237c90d0046c97562c2b1e2b415022100be765dce6b727da014b57a513025df112f5211fa09d3b6e119108119b23dc5e9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		003e0644ab9fd43607f4c120cb65456ce22c984d655a7483af009b3b932ed3e8b98253c161b1c59d3ed316589dd5b767bd74e3bd6cac42623f385a9bca50f398aeb08e1a7a0c310c00ddc6f23fe577097462b51a0bbd06af883d0b375cc1ab56b9f0b35b17f5636ac0d80ac1c380f00a87dfc705b96a64b060b85c8807ced57652057f36563eef3d90e7c1c56eee45dcb4e87b7002e8447e74e6a631376737b000b432767bd694bb3bc9afde1a65a2cbedd5867aa330f335b77b0c39207e7046e4890601b80a6459b959d1f25612d784408d0bc4981daab324bfd3fdb8fa03eb695217fda47afb25a3335027cbf30f722cc5bdf938f84d27f6311c24ab8ea7af9143be579e0fdedb52b1f9da60b0cbaa9e78b753d3a9eeeb30553dfc65403a2d1e2353d592c64a056dbb77aea303ff602067079f3ea15134913c538689ff793bb1a472e5d2d7438e54a0d9e0fcfa8f1d4bb230d5fb8779f73fde1cbce6de7f5d3acd2f1c9746f736ffaff91028aebce7f7eca9308f13c80eac076e9b2b60bba2be99a7e675b614658ad4cdf05fc81a57e73c0350d5a23b801b11d049667ab565e468ea8b03fece6015b45685c08038c048cc890b34e63eb950deb6506c9dad961e0311f4fac4cc13cc4ed4b8d1561fe69917976a702776f62a94102bf774e160f515059557a5295a8dc09c232c8c88dd77fee54fc9b702d41ae7cd3dd0c99d9d63